
Tag: metasploit

EternalView is an all-in-one basic information gathering tool.

Update:
- CLI tool, made in BASH <3
- WAF/IDS/IPS detection is live!!!

Dependencies:
- BASH (if you are on Windows, follow this guide to get BASH)
- Wget
- Whois
- Nmap
- Metasploit framework
- Autopwn™

How to install:
Download: clone through the terminal:
git clone https://github.com/rpranshu/EternalView.git
OR download directly as a zip.

Run, in the terminal:
chmod +x EternalView.sh
./EternalView.sh

Features (Feature: Explanation):
- Whois Information: Prints the whois information of the entered web address
- DNS lookup: Prints the DNS information and web records
- Cloudflare detection: Tells whether a particular website is powered by Cloudflare
- IP locator: Prints the geolocation of a web server
- HTTP Header analyzer: Prints the header information of a website
- Robots.txt scanner: Scans the robots.txt file of a webpage and prints the unindexed information
- Associated Links: Prints the list of all accessible pages of a website
- NMAP port scanner: Performs an extensive port scan on a given website or IP address
- Traceroute: Prints the route and measures the transit delays of packets across a given web/IP address
- Autopwn™: A simple bash based metasploit automation tool! With just a few clicks, own any android or windows device!!

Future updates:
- Support for Windows
- Firewall detection and evasion

Download EternalView

A simple bash based metasploit automation tool! With just a few clicks, own any android or windows device!!

Update:
- Changed the name from Autopreter to Autopwn™
- System-wide installation (just enter Autopwn in the terminal from any directory!!)
- Added eternalblue exploit

Prerequisites
- Metasploit framework
- A linux/unix based system
- ngrok (please note that ngrok is not a necessity and is required only for performing an over-the-internet (WAN) attack!)

Installation
chmod +x Autopwn.sh
./Autopwn.sh

Future Updates
- More exploits to be added
- Windows host support to be added soon

Download Autopwn

WinRM stands for Windows Remote Management and is a service that allows administrators to perform management tasks on systems remotely. Communication is performed via HTTP (5985) or HTTPS SOAP (5986); it supports Kerberos and NTLM authentication by default, as well as Basic authentication. Usage of this service requires administrator-level credentials. In a red team scenario if […]

Automated Tactics Techniques & Procedures. Re-running complex sequences manually for regression tests, product evaluations, generating data for researchers and so on can be tedious. I toyed with the idea of making it easier to script Empire (or any frameworks/products/toolkits that provide APIs, like Metasploit (RPC), Cobalt Strike and so on) using an IDE like Visual Studio Code (or equivalent). So I started to design AutoTTP. This is still very much work in progress. Please use Empire 2.2.

What is TTP?
The tactics are organized as per my Attack Life Cycle model. There are other models like Lockheed Martin's Kill-Chain(R), Mandiant's Attack Life Cycle and Mitre's ATT&CK. Whichever model it may be, a "Tactic" essentially groups techniques together, e.g. code-execution/run-payload can be achieved in many ways:

"Stage" is used to group relevant "Tactics" together. If you look into the source tree, the folder structure reflects the matrix's Tactics column. The matrix also mentions the respective controls for each offensive tactic.

How did these stages come about?
The Venn diagram in the middle of the red cycle is from Dartmouth College's "Three Tenets for Secure Cyber-Physical System Design and Assessment". It defines the necessary and sufficient conditions, or simply the requirements, of any successful physical/logical attack. I added the red ring (stages) around the Venn diagram to illustrate typical offensive flows, which ultimately lead to an impact on information confidentiality and integrity, and on system availability or safety if it is related to cyber-physical systems (think Critical Information Infrastructure).

An attacker can start from Stage 1 and get straight into Stage 4, e.g. default admin credentials on a publicly exposed admin page. It does not need to be linear (stage 1->2->3->4). After the initial infiltration, s/he could have performed some internal information gathering (recon) first before escalating privilege on the first machine and then launching a remote command to another target machine within the same network. For the next victim machine, it is a Stage 2: successful payload delivery and execution, which allows the attacker to gain command and control over yet another machine.

Download AutoTTP

NetBIOS Name Service (NBT-NS) is used in Windows networks for communication between hosts. Systems will use this service when name resolution via LMHOSTS and DNS fails. Abusing this service to perform a Man-in-the-middle attack is a common tactic that has been widely used by penetration testers and red teamers to gain an initial foothold inside a […]

PenTestIT RSS Feed
WPXF update time again guys! Since my first post about this WordPress exploitation framework almost a year ago, this tool has gotten better and a new version – WordPress Exploit Framework v1.9.2 – has been released. This post will summarize the updates for the latest release such as update for the latest Ruby versions and module
Read more about UPDATE: WordPress Exploit Framework v1.9.2
The post UPDATE: WordPress Exploit Framework v1.9.2 appeared first on PenTestIT.

Mercury is a hacking tool used to collect information and use the information to further hurt the target.

Installation
Requires Python2 (Linux)
apt-get install python2
git clone https://www.github.com/MetaChar/Mercury
pip install -r requirements.txt

Features
- BruteForce: Mercury uses Selenium to automatically input passwords into a website
- GeoLocation: Geolocation allows the user to pinpoint the exact location of the IP address
- Sms Spam: Uses gmail to spam sms
- Spoof Email: Sends anonymous emails
- Check If Website Exists: Mercury checks if the website is real
- Check if Website Is Down: Checks if the website's status is online or offline
- Encode Strings Into Hash Form: Encodes your text into hash form
- Hex Encode/Decode: Encodes and decodes hex strings
- Whats My Ip & Mac: Shows MAC and IP address
- Spam email: Spams email in a While True loop
- Download Extra Tools: Download an extra 16 tools like hydra, metasploit and nmap
- Github Cloner & Pip Installer: Installs pips and Github repos
- Website Cloner: Extracts the source code from a website
- Ip Address From Website: Finds the IP address from a website
- nmap: Nmap must be pre-installed and it's somewhat glitchy on linux
- Port Listen: Listens to ports
- DOS: dos attack via packets
- AnonWebbrowser: Loads up Chrome with a proxy
- Google Dorks: Finds vulnerable links
- Admin Panel: Helps find the admin panel of a website
- Websites: Access some of the best hacking & robotics websites.
- Proxy Scraper: Find the best US proxies!
- Twitter Info Grab: Grab a twitter user's basic info

Download Mercury

Network penetration tests usually stop when domain administrator access has been obtained by the consultant. However, domain persistence might be necessary if there is project time to spend and there is a concern that access might be lost due to a variety of reasons such as: Change of compromised Domain Admin Password, Detection of new […]

I know, I know that you already have read about AutoSploit and used it probably since word got out about this auto exploitation tool some two months ago. However, between then and now, a lot has changed with the tool and this post is about that. What is AutoSploit? AutoSploit is an automated, mass exploitation
Read more about AutoSploit = Shodan/Censys/Zoomeye + Metasploit
The post AutoSploit = Shodan/Censys/Zoomeye + Metasploit appeared first on PenTestIT.

Passwords in clear text that are stored on a Windows host can allow penetration testers to perform lateral movement inside an internal network and eventually fully compromise it. Therefore, on a system that has been compromised with elevated access (Local Administrator or SYSTEM) and where persistence has been achieved, the hunt for clear-text passwords should be one […]